Local Privilege Escalation Vulnerability in Android Operating System
CVE-2024-49735
7.8HIGH
Summary
A vulnerability exists in the Android Operating System that may result in a failure to persist permission settings across various components, primarily due to resource exhaustion issues. This flaw enables local users to escalate their privileges without requiring additional execution privileges, and it poses a potential risk to the system integrity. Notably, user interaction is not necessary for the exploitation of this vulnerability, making it particularly concerning for device security.
Affected Version(s)
Android 15
References
CVSS V3.1
Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published